CVE-2016-5181

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted execution of v8 microtasks while the DOM was in an inconsistent state, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via crafted HTML pages...

Nagios Log Server 1.4.1 - Multiple Vulnerabilities

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Log Server Multiple Vulnerabilities Affected versions: Nagios Log Server = 1.4.1 PDF:...

Fedora 23 : xen (2016-f1c21e3c3c)

qemu-kvm: Integer overflow in SDL when creating too wide screen QEMU: Banked access to VGA memory VBE uses inconsistent bounds checks XSA-179, CVE-2016-3710, CVE-2016-3712 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

SUSE SLES10 Security Update : Xen (SUSE-SU-2016:1445-1)

Xen was updated to fix the following security issues : CVE-2016-2841: net: ne2000: infinite loop in ne2000receive bsc969351 CVE-2016-2391: usb: multiple eoftimers in ohci module leads to NULL pointer dereference bsc967101 CVE-2016-2270: x86: inconsistent cachability flags on guest mappings XSA-15...

Scientific Linux Security Update : grep on SL7.x x86_64 (20151119)

A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory. CVE-2015-1345 This update...

grep security update

CentOS Errata and Security Advisory CESA-2015:2111 Updated grep packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...

CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

Code injection

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

Users with only View Space permission are able to edit Space Questions

h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that space. This includes questions asked by other users. Users do not need to have Space Admin or even Add/Edit Page permissions to the space, only View is required. This is inconsistent when...

Users with only View Space permission are able to edit Space Questions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46923. panel h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that space...

KLA10466 Multiple vulnerabilities in Apple Safari

Multiple vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to . Below is a complete list of vulnerabilities 1. Inconsistent URL diaplsying can be exploited remotely via a specially designed URL; 2. Unknown vulnerabilities can be exploited remotely...

PHP 5.5.12 - Locale::parseLocale Memory Corruption

Full Package: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35358.tgz Description: ------------ PHP 5.5.12 suffers from a memory corruption vulnerability that could potentially be exploited to achieve remote code execution. The vulnerability exists due to...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.17, fixing various security issues. Following security issues were fixed: MFSA 2010-74 / CVE-2010-3777: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products...

Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2013:1142-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE Update for xulrunner openSUSE-SU-2013:1143-1 (xulrunner)

Check for the Version of xulrunner OpenVAS Vulnerability Test $Id: gbsuse201311431.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for xulrunner openSUSE-SU-2013:1143-1 xulrunner Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This...

PreserveWrapper has inconsistent behavior — Mozilla

Mozilla developer Boris Zbarsky found that when PreserveWrapper was used in cases where a wrapper is not set, the preserved-wrapper flag on the wrapper cache is cleared. This could potentially lead to an exploitable crash...

Debian DSA-2527-1 : php5 - several vulnerabilities

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2012-2688 A buffer overflow in the scandir function could lead to denial of service or the execution of arbitrary code. -...